# This class defines the user action supported by the program
# Author::	Rashmi Motgi(mailto: rashmi.motgi@gmail.com)
# Copyright:: Copyright (c) SJSU 2008
class MywikiUserController < ApplicationController
  # index page is redirected to user privileges management page
  def index
	redirect_to :action => :manage
  end

  # page to edit privileges for a user
  def edit
	get_user
	@usr = MywikiUser.find(params[:id]);
	p @usr
	@edit = true	
	@search = false
  end

  # list all mywiki users with their privileges
  def manage
	@id=session[:user_id]
	p 'In manage privilege'
	p @id
	@users = MywikiUser.find(:all, :select => "distinct *", :limit => 10);
	p 'printing the user'
	p @users	 
	get_user
  end
 
  # called when submitting edit page to update privileges
  def update	
	@usr = MywikiUser.find(params[:id]);
	if @usr.update_attributes(params[:usr])
		p 'Update Sucess'
		flash[:notice] = 'Privileges was successfully updated.'
		redirect_to :action => :manage
	else
		p 'Update Failed'
	end	
  end
  
  private 
  
  # Check if user is logged in, otherwise redirect to login page
  def get_user
	p 'In get user...'
	@id=session[:user_id]
	p @id
	if @id.nil?
		flash[:error] = 'You do not have permission';		
		redirect_to :controller => 'home', :action => :index 
	else
		@user = MywikiUser.find(@id)
		p @user
		if @user.a_priv == true
			@manage = true
		else
			flash[:error] = 'You do not have permission';		
			redirect_to :controller => 'home', :action => :index 
		end
	end
  end
end

